News

Google Calendar invites let researchers hijack Gemini to leak user data
Google fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on ...
Google confirms data breach exposed potential Google Ads customers' info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of ...
60 malicious Ruby gems downloaded 275,000 times steal credentials
Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, ...
WinRAR zero-day exploited to plant malware on archive extraction
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the ...
Microsoft will kill the Lens PDF scanner app for iOS, Android
Microsoft announced that it will phase out the Microsoft Lens PDF scanner app for Android and iOS devices starting September ...
OpenAI to fix GPT-5 issues, double rate limits for paid users after outrage
OpenAI's CEO, Sam Altman, overpromised on GPT-5, and real-life results are underwhelming, but it looks like a new update is ...
U.S. Judiciary confirms breach of court electronic records service
The U.S. Federal Judiciary confirms that it suffered a cyberattack on its electronic case management systems hosting ...
Microsoft 365 apps to soon block file access via FPRPC by default
Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC ...
CISA orders fed agencies to patch new Exchange flaw by Monday
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical ...
Fake WhatsApp developer libraries hide destructive data-wiping code
Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code ...
Columbia University data breach impacts nearly 870,000 individuals
An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia ...
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older ...